One of the options that’s a tad bit hidden in OS X is the Secure Erase option, which runs a multi-pass erase on a volume. Additionally, there’s no option in Disk Utility to Secure Erase free space on a volume. But you can still securely erase whatever you’d like (other than your boot volume, obviously) when needed. To do so, use the diskutil command along with the secureErase option.
The format of the command to secureErase freespace is:
diskutil secureErase freespace [level] [device]
The levels are as follows (per the man page as not all of these are specified in Disk Utility):
- 0: Single-pass zero-fill erase
- 1: Single-pass random-fill erase
- 2: US DoD 7-pass secure erase
- 3: Gutmann algorithm 35-pass secure erase
- 4: US DoE algorithm 3-pass secure erase
So for example, let’s say you had a volume called Seldon and you wanted to do a standard Single-pass zero-fill erase. In this example you would use the following:
diskutil secureErase freespace 0 /Volumes/Seldon
If you were to automate the command then you would want to dump the output into a log file. For example:
diskutil secureErase freespace 0 /Volumes/Seldon > /var/log/secureeraselog.tmp
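One way to automate the free-space erase with argument checks and an appended log, as an added example that is not part of the original post. The LOG and VOLROOT variables and all function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. LOG, VOLROOT and the function
# names are assumptions made for illustration.
LOG="${LOG:-/var/log/secureerase.log}"
VOLROOT="${VOLROOT:-/Volumes}"

# Describe a secureErase level (per the diskutil man page); fail on others.
level_name() {
    case "$1" in
        0) echo "Single-pass zero-fill erase" ;;
        1) echo "Single-pass random-fill erase" ;;
        2) echo "US DoD 7-pass secure erase" ;;
        3) echo "Gutmann algorithm 35-pass secure erase" ;;
        4) echo "US DoE algorithm 3-pass secure erase" ;;
        *) return 1 ;;
    esac
}

# Accept only a real directory directly under $VOLROOT. Trailing slashes,
# "." and "..", nested paths and symlinks are refused, because the boot
# volume normally appears in /Volumes as a symlink to /.
check_target() {
    case "$1" in
        */|*/.|*/..|"$VOLROOT"/*/*) return 1 ;;
        "$VOLROOT"/?*) [ -d "$1" ] && [ ! -L "$1" ] ;;
        *) return 1 ;;
    esac
}

# Validate both arguments, then print the command line for review or logging.
build_cmd() {
    level_name "$1" >/dev/null || { echo "bad level: $1" >&2; return 2; }
    check_target "$2" || { echo "bad target: $2" >&2; return 3; }
    printf 'diskutil secureErase freespace %s %s\n' "$1" "$2"
}

# Run the erase, appending start time, diskutil output and exit status to $LOG.
secure_erase_freespace() {
    cmd=$(build_cmd "$1" "$2") || return $?
    rc=1
    {
        echo "$(date '+%Y-%m-%dT%H:%M:%S') start: $cmd ($(level_name "$1"))"
        diskutil secureErase freespace "$1" "$2" 2>&1 && rc=0 || rc=$?
        echo "$(date '+%Y-%m-%dT%H:%M:%S') exit status: $rc"
    } >>"$LOG"
    return "$rc"
}

if [ "$#" -eq 2 ]; then secure_erase_freespace "$1" "$2"; fi
```

Saved as a script, it takes the level and the mount point as its two arguments and returns diskutil's exit status, so a scheduler can detect a failed run.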
You can also secureErase a volume itself. To erase a volume called /Volumes/Seldon, use the same structure of the command, but this time without the freespace option:
diskutil secureErase 0 /Volumes/Seldon
The latest update to Disk Utility removes a lot of options from the GUI, but overall, I have yet to find a scenario where a task I need to perform isn’t still available, if only from the command line.
krypted January 7th, 2016
Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment
The Cipher tool can overwrite deleted data in much the same way the Secure Empty Trash or Secure Erase options work in OS X. To do so, quit all other programs on the system and then use the cipher command along with the /w switch.
From a command prompt, use the /w switch followed by : and then the path to the location you’d like to overwrite. For example, if you deleted a folder from the c:\MYAPPDATA folder, you would use the following to remove data not allocated to files or folders:
cipher /w:c:\MYAPPDATA
Note: The cipher command permanently removes data, and so takes a while, depending on the amount of data you’re overwriting.
krypted September 16th, 2013
Posted In: Windows Server